"Breaking News: FBI Takes Down Chinese Government-Run Botnet Targeting U.S. Critical Infrastructure Revealed at Aspen Cyber Summit"
Last week, FBI Director Christopher Wray and U.S. government agencies disclosed the takedown of a botnet controlled by a Chinese hacking group, Flax Typhoon, which was targeting critical infrastructure in the U.S. and overseas. The FBI took control of the botnet's infrastructure and removed malware from compromised devices, which led to a retaliatory distributed denial-of-service (DDoS) attack by the hackers.
In a joint advisory, the FBI, Cyber National Mission Force, and NSA linked the botnet of 260,000 devices, operated by Integrity Technology Group, to the Chinese government. The botnet used Mirai malware to control vulnerable devices. There were over 1.2 million records of compromised devices, including 385,000 in the U.S.
Flax Typhoon, active since mid-2021, targeted organizations in Taiwan, including government agencies, education, manufacturing, and IT. The group also compromised Microsoft Exchange servers.
This takedown follows the disruption of another Chinese hacking group, Volt Typhoon, which targeted U.S. internet providers and critical infrastructure. The U.S. government warned of potential cyberattacks with destructive capabilities in the event of a conflict with China.
In summary, the FBI's successful operation against the Chinese government-run botnet highlights the ongoing threat of state-sponsored cyberattacks on critical infrastructure. Individuals and organizations should remain vigilant against such threats to protect their data and operations.